Senate committee finds few hurdles with cyber proposal

WFED's Jason Miller on the Federal Drive

The White House's cybersecurity proposal made it through its first hurdle Monday as Senate Homeland Security and Governmental Affairs Committee members offered wide support for it.

Sens. Joseph Lieberman (I-Conn.), Susan Collins (R-Maine) and Tom Carper (D-Del.), the three sponsors of one of the major cybersecurity bills now before Congress, applauded the administration's approach in that it followed closely to their bill.

"The White House's proposed cybersecurity legislation represents a turning point in our efforts to pass the strong measures we need to protect consumers, businesses, critical infrastructure and our national security from terrorist, spies and crooks," said Lieberman, the committee's chairman, during a hearing on the administration's proposal. "I'm pleased not just by the appearance by the administration's cyber legislation, but also by its substance."

Collins, the committee's ranking member, offered general praise, but also questioned several areas that the administration left out or overlooked.

"I am pleased the administration has now fully engaged on the imperative issues of cybersecurity," Collins said. "[T]he government's overall approach to cybersecurity has been disjointed and uncoordinated."

The Senate seems committed to passing comprehensive cybersecurity legislation this year that brings together major pieces of the White House's bill, and the assortment of others lawmakers introduced over the past few months.

"The majority leader, Senator [Harry] Reid, has taken a very active interest in this legislation," Lieberman said. "It remains a priority of his for this session. I've said to him I believe this is the most important piece of legislation coming out of our Homeland Security Committee in this session. He is working, I'm pleased to say, with Republican leader Sen. Mitch McConnell. There are five or six different committees of the Senate that claim some part of the jurisdiction over this subject matter. I believe it's the intention of the bipartisan leadership of the Senate to establish a process by which all those committees can as quickly as possible negotiate any remaining differences in the bills that have come out of committee."

Lieberman said almost all of the differences between his committee's bill and the Commerce, Science and Transportation Committee's version have been worked out.

But there are at least three other committees with a lot of interest in cyber legislation. Lieberman said Reid's groups will not come together until after the administration testifies as much as five more times on its proposal.

Monday's hearing before Lieberman and Collins' committee showed just how much common ground exists now, but also some potential sticking points emerged.

One of the biggest remaining hurdles is whether the legislation should update the President's power for overseeing the Internet in the case of a national emergency.

Collins said she was "baffled" about why the administration is relying on the Communications Act of 1934.

"This is an area where we should be thinking ahead about exactly what authorities we want the President to have rather than leaving it ambiguous, rather than relying on a 1934 law that allows the President to take over control of radio stations," she said. "This just doesn't make sense to me. I hope you will work further with us to carefully define what the authorities are and to update the law."

Phil Reitinger, the Homeland Security Department's deputy undersecretary for the National Protection and Programs Directorate, signaled the administration would be willing to discuss an update.

"The statutory authorities in this space were written long ago and were not designed with the current enforcement in mind," Reitinger said. "There are authorities there. The administration's bill doesn't include any additional emergency authorities for the President. Neither the committee or the administration sought or seeks any Internet kill switch. This is however a critical issue. This is a key area where I hope there would be further discussions between administration and the Congress to figure out the right set of mechanisms, if any, that were necessary to move forward in this space."

Jason Chipman, the senior counsel to the deputy attorney general, said the administration wants to discuss this issue with Congress.

"The issue of what emergency powers are needed tends to be very context driven," he said. "So the answer to that question I think becomes fairly nuanced depending on the type of emergency the government is facing. The work DHS has done to create a national cyber incident response plan is quite key. But beyond that it merits discussion."